Data

Tools

Indexes

Applications

Experiments

Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / vstinner/python-security issues and pull requests

#42 - Point people to the PSF Advisory Database

Pull Request - State: closed - Opened by sethmlarson over 2 years ago - 3 comments

#41 - Thoughts on elevating content to more visible location

Issue - State: closed - Opened by sethmlarson almost 3 years ago - 2 comments

#40 - Automate updating python_releases.txt

Pull Request - State: closed - Opened by CharlieZhao95 over 3 years ago - 1 comment

#39 - Add CVE-2018-25032: vulnerable zlib 1.2.11

Pull Request - State: closed - Opened by CharlieZhao95 over 3 years ago - 1 comment

#38 - Add CVE-2016-3189 and CVE-2019-12900 (bzip2 1.0.8)

Pull Request - State: closed - Opened by CharlieZhao95 over 3 years ago

#37 - Update Python releases

Pull Request - State: closed - Opened by CharlieZhao95 over 3 years ago - 1 comment

#36 - Added recently disclosed vulnerabilities to the cve directory

Issue - State: open - Opened by CharlieZhao95 over 3 years ago - 11 comments

#35 - Removing taken-over link pytosquatting.org

Pull Request - State: closed - Opened by kam193 almost 4 years ago - 1 comment

#34 - PyPI 2022-05-24: remove comment regarding email protections

Pull Request - State: closed - Opened by ewdurbin almost 4 years ago

#33 - Add a missing character for reStructuredText link

Pull Request - State: closed - Opened by pradyunsg almost 4 years ago - 1 comment

#32 - Add edits from review of #31

Pull Request - State: closed - Opened by di almost 4 years ago

#31 - `ctx` project takeover

Pull Request - State: closed - Opened by ewdurbin almost 4 years ago

#29 - July PyPI Vulnerabilities

Pull Request - State: closed - Opened by di almost 5 years ago - 1 comment

#28 - document 2021-06-15 PyPI security incident

Pull Request - State: closed - Opened by ewdurbin almost 5 years ago

#27 - CVE-2021-29921 Update title & links for advisory

Pull Request - State: closed - Opened by sickcodes about 5 years ago - 1 comment

#26 - Information disclosure in pydoc was reported by David

Pull Request - State: closed - Opened by hroncok about 5 years ago - 1 comment

#25 - Bad branch name in timeline

Issue - State: closed - Opened by frenzymadness about 5 years ago - 1 comment

#22 - document CSRF vulnerability on PyPI upload endpoint

Pull Request - State: closed - Opened by ewdurbin about 6 years ago

#21 - document reported vulnerabilities in pypi BasicAuth and Token authentication

Pull Request - State: closed - Opened by ewdurbin over 6 years ago - 1 comment

#20 - Progress on Zip Bomb vulnerability

Issue - State: closed - Opened by krnick over 6 years ago - 1 comment

#19 - Add more issues

Issue - State: closed - Opened by vstinner almost 7 years ago - 1 comment

#18 - Add update vendorized expat to 2.2.7: CVE-2018-20843

Issue - State: closed - Opened by vstinner almost 7 years ago - 1 comment

#17 - Add sample script for cookiejar path check vulnerability.

Pull Request - State: closed - Opened by tirkarthi almost 7 years ago - 2 comments

#16 - Add sample script for cookiejar path vulnerability

Pull Request - State: closed - Opened by tirkarthi almost 7 years ago - 2 comments

#15 - Add cookiejar path related security issue

Pull Request - State: closed - Opened by tirkarthi almost 7 years ago - 3 comments

#14 - Fix typo

Pull Request - State: closed - Opened by gsmethells almost 7 years ago - 2 comments

#13 - Add bpo-35121

Issue - State: closed - Opened by tirkarthi about 7 years ago - 1 comment

#12 - Clarification for versions affected by CVE-2019-5010

Issue - State: closed - Opened by dimaqq over 7 years ago - 3 comments

#11 - [WIP] Add CVE-2019-5010

Pull Request - State: closed - Opened by tirkarthi over 7 years ago - 2 comments

#10 - CVE-2013-7440 doesn't apply to Python 2.7

Pull Request - State: closed - Opened by davidfraser over 7 years ago - 1 comment

#9 - Link to the Python Security Announce mailing list

Pull Request - State: closed - Opened by warsaw about 8 years ago

#8 - Fix typo: s/borringssl/boringssl/

Pull Request - State: closed - Opened by gtback over 8 years ago - 1 comment

#7 - Security Report for Clear Text PyPI user credentials on GitHub

Pull Request - State: closed - Opened by ewdurbin over 8 years ago

#6 - namespace index vulnerabilities

Pull Request - State: closed - Opened by ewdurbin over 8 years ago - 1 comment

#5 - write up 2017-10-12 Package Index security response

Pull Request - State: closed - Opened by ewdurbin over 8 years ago - 1 comment

#4 - Add link to blog post for c2py exploit

Pull Request - State: closed - Opened by CarlEkerot almost 9 years ago - 1 comment

#3 - Clarify concern with str.format & untrusted input

Pull Request - State: closed - Opened by ncoghlan almost 9 years ago

#2 - Fix string formatting error

Pull Request - State: closed - Opened by jwilk about 9 years ago - 1 comment

#1 - Adding specifiers

Issue - State: closed - Opened by jayfk about 9 years ago - 3 comments